Manualshelf

HP Application Recovery Manager software A.06.10 Installation and licensing guide (March 2008)

ManualsBrandsHP ManualsSoftwareHP Application Recovery Manager Cell Manager Windows Media Kit
101102103104105106107108109110
Disk arrays (and the clients they are connected to) must be physically protected
from unauthorized or untrusted personnel.
During backup or restore data is transferred via network. You should provide
sufficient separation from the untrusted network.
Refer also to the online Help for other security related aspects.
Securing clients
After you have installed Application Recovery Manager clients and imported them
to a cell, it is highly recommended to protect the clients from access by unwanted
clients.
Application Recovery Manager allows you to specify from which cell authorities (Cell
Manager and Installation Servers) a client will accept requests on the Application
Recovery Manager port 5555. Consequently, other computers will not be able to
access such a client. See also Client security on page 98.
For tasks like backup and restore, starting pre- or post-execution scripts, or importing
and exporting clients, the client checks whether the computer which triggers one of
these tasks via the Application Recovery Manager port (default 5555) is allowed to
do so. This security mechanism instructs the client to accept such actions only from
the specified cell authorities.
Consider exceptional situations
Before limiting the access to clients, consider the following circumstances which may
cause problems:
A cell authority has several LAN cards and several IP addresses/client names.
The Cell Manager is cluster-aware.
Application Recovery Manager lets you specify not only one but a list of systems that
are explicitly authorized to connect as a cell authority to the client. To avoid failure,
prepare in advance such a list of all possible valid client names for alternate cell
authorities.
The list should include:
All additional client names (for all LAN cards) of the cell authority.
Client names of all cluster nodes where the Cell Manager might failover, as well
as a cluster virtual server hostname.
The target system name to which a cell authority will be moved in case of a total
hardware failure of the cell authority.
Installation and licensing guide 101